<?php
// Direct-access guard: stop unless an including script has already defined
// adminmsg(), i.e. this file is being run from inside the admin entry point.
if (!function_exists('adminmsg')) {
	exit('Forbidden');
}

// For the add and edit jobs, collect the type-6 module rows (one per varname,
// non-empty title) whose varname is not one of the eight fixed slot names
// listed below. The query contains no request data.
// Note: the add-form and edit-form branches further down assign $adtype again
// before the template is included.
if (in_array($job, array('add', 'edit'))) {
	$adtype = array();
	$query  = $db->query("SELECT varname,title FROM pw_modules WHERE type=6 AND title!='' GROUP BY varname");
	while ($rt = $db->fetch_array($query)) {
		if (in_array($rt['varname'], array('header','footer','text','article','rightfloat','leftfloat','popup', 'float'))) {
			continue;
		}
		$adtype[] = $rt;
	}
}
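// Job dispatcher for the advert admin page. All rows live in pw_modules with type=6.
//   (empty job)  list / search adverts, paginated
//   add          step 1 shows the form, step 2 inserts the row
//   edit         step 1 shows the form, step 2 updates the row
//   del          bulk delete / disable / enable
//
// Security notes for maintainers:
// - Request values are pulled in through InitGP(). The stripslashes() calls
//   below show that they arrive slash-escaped, and every query here depends on
//   that escaping plus single quotes.
//   NOTE(review): confirm InitGP's escaping is safe for the connection charset;
//   numeric values are cast to int here so they do not depend on it.
// - No anti-CSRF token check is visible in this file for the state-changing
//   steps. Presumably the including admin framework performs one - confirm.
// - The advert configuration is stored with serialize() and read back with
//   unserialize(); see the note at the first unserialize() call.
if (empty($job)) {

	InitGP(array('page','varname','keyword'));
	// Optional filters, appended to the WHERE clause of both queries below.
	// '%' and '_' inside $keyword are not escaped, so they act as LIKE wildcards.
	$sql = '';
	$varname && $sql .= " AND varname='$varname'";
	$keyword && $sql .= " AND title LIKE '%$keyword%'";

	require_once(R_P.'require/forum.php');
	$rt = $db->get_one("SELECT COUNT(*) AS sum FROM pw_modules WHERE type=6 $sql");
	// Force the page number to a positive integer so the LIMIT clause never
	// receives a fraction, an exponent form or a negative offset.
	$page  = is_numeric($page) ? max(1, (int)$page) : 1;
	$limit = "LIMIT ".($page-1)*$db_perpage.",$db_perpage";
	// Both filter values are URL-encoded before they go into the pager links.
	$pages = numofpage($rt['sum'],$page,ceil($rt['sum']/$db_perpage), "$basename&varname=".rawurlencode($varname)."&keyword=".rawurlencode($keyword).'&');

	// Start from an empty list so the template never sees a value that was not
	// built from the query below.
	$moduledb = array();
	$query = $db->query("SELECT id,varname,state,vieworder,title,config FROM pw_modules WHERE type=6 $sql ORDER BY varname,vieworder $limit");
	while ($rt = $db->fetch_array($query)) {
		// NOTE(security): unserialize() on a database column. This file only ever
		// stores serialize() of the $module array there, but any other writer of
		// pw_modules.config could make this call instantiate objects. A JSON
		// encoding, or unserialize()'s allowed_classes option on PHP 7+, would
		// remove that risk; not changed here because the stored format is shared.
		$config = unserialize($rt['config']);
		$rt['fid']		 = explode(',',$config['fid']);
		$rt['adtitle']	 = $config['title'];
		$rt['starttime'] = $config['starttime'];
		$rt['endtime']	 = $config['endtime'];
		$moduledb[] = $rt;
	}
	include_once PrintHack('admin');exit;

} elseif ($job == 'add') {

	if (empty($_POST['step'])) {

		// Step 1: render the empty form. 's' and 'n' optionally pre-fill the
		// HTML code and the title from the request.
		InitGP(array('s','n'));
		include_once(D_P.'data/bbscache/forumcache.php');
		// Turn category entries of the cached forum <option> list into <optgroup> labels.
		foreach ($forum as $k=>$v) {
			if ($v['type'] == 'category') {
				$forumcache = str_replace("<option value=\"$v[fid]\">>> $v[name]</option>","<optgroup label=\"$v[name]\" />",$forumcache);
			}
		}
		// Form defaults; the template reads these variables by name.
		$style     = 'code';
		$adtype    = '';
		$pst_1     = 'checked';
		$selids_01 = $lou_01 = 'selected';
		$config['starttime'] = get_date($timestamp,'Y-m-d');
		$config['endtime']   = get_date($timestamp+31536000,'Y-m-d'); // 365 days ahead
		$config['htmlcode']  = $s ? stripslashes($s) : '';
		$rt['title'] = $n ? stripslashes($n) : '';
		// The pre-fill values come straight from the request. The edit form, which
		// renders through the same PrintHack('admin') template, passes its values
		// through HtmlConvert() first; do the same here so request-supplied markup
		// is not echoed into the admin page unescaped.
		HtmlConvert($rt);
		HtmlConvert($config);
		include_once PrintHack('admin');exit;

	} elseif ($_POST['step']=='2') {

		// Step 2: validate and insert.
		// NOTE(review): unlike edit step 2 and del, this InitGP() call does not pass
		// 'P', so these fields are presumably accepted from GET as well - confirm
		// and align if the form always posts them.
		InitGP(array('varname','vieworder','title','module','selids','lou'));
		!$varname && adminmsg('module_adderror');
		// Required fields for each advert style.
		if ($module['style'] == 'code' && !$module['htmlcode']) {
			adminmsg('advert_code_error');
		} elseif ($module['style'] == 'txt' && (!$module['title'] || !$module['link'])) {
			adminmsg('advert_txt_error');
		} elseif ($module['style'] == 'img' && (!$module['url'] || !$module['link'])) {
			adminmsg('advert_img_error');
		} elseif ($module['style'] == 'flash' && !$module['link']) {
			adminmsg('advert_flash_error');
		} elseif ($module['style'] == 'code' && ($varname == 'leftfloat' || $varname == 'rightfloat') && preg_match('/<script[^>]*?>.*?<\/script>/si',$module['htmlcode'])){
			// Only the two float slots reject a <script>...</script> pair. This is not
			// input sanitisation: htmlcode is otherwise stored exactly as submitted.
			adminmsg('advert_float_error');
		}
		
		// Derive a title when none was given; a title is mandatory.
		if (empty($title)) {
			if ($module['style'] == 'code') {
				$title = substrs(strip_tags($module['htmlcode']),30);
			} elseif ($module['style'] == 'txt') {
				$title = $module['title'];
			}
			empty($title) && adminmsg('advert_descrip');
		}

		// Keep only numeric forum ids. When nothing is selected $selids is not an
		// array, so guard the loop as the edit branch does.
		$fids = '';
		if (is_array($selids)) {
			foreach ($selids as $key => $val) {
				if (is_numeric($val)) {
					$fids .= $fids ? ','.$val : $val;
				}
			}
		}
		$module['fid'] = $fids;
		if ($varname == 'article') {
			// Same numeric filter for the 'lou' selection of article adverts.
			$lous = '';
			if (is_array($lou)) {
				foreach ($lou as $key=>$val) {
					is_numeric($val) && $lous .= $lous ? ','.$val : $val;
				}
			}
			$module['lou'] = $lous;
		}
		// NOTE(review): the popup size defaults and the newline-to-<br /> conversion
		// of 'descrip' applied in edit step 2 are not applied here - confirm whether
		// that difference is intended.
		// Undo the request escaping before serialising, then escape the serialised
		// string once for the SQL literal.
		foreach ($module as $key => $value) {
			$module[$key] = stripslashes($value);
		}
		$config = addslashes(serialize($module));
		// $varname, $vieworder and $title rely on the escaping applied on input.
		// NOTE(review): $vieworder is not checked to be numeric.
		$db->update("INSERT INTO pw_modules(type,varname,state,vieworder,title,config) VALUES('6','$varname','1','$vieworder','$title','$config')");
		updatecache_c();
		// NOTE(review): '$amind_file' looks like a transposition of 'admin_file';
		// confirm which name the including script defines.
		$basename="$amind_file?adminjob=hack&hackset=advert";
		adminmsg('operate_success');
	}
} elseif ($job=='edit') {

	if (empty($_POST['step'])) {

		// Step 1: load the row and pre-select the form controls.
		InitGP(array('id'));
		// The id is a row key: cast it so the query does not depend on escaping.
		$id = (int)$id;
		include_once(D_P.'data/bbscache/forumcache.php');
		// Turn category entries of the cached forum <option> list into <optgroup> labels.
		foreach ($forum as $k=>$v) {
			if ($v['type'] == 'category') {
				$forumcache = str_replace("<option value=\"$v[fid]\">>> $v[name]</option>","<optgroup label=\"$v[name]\" />",$forumcache);
			}
		}
		$rt = $db->get_one("SELECT * FROM pw_modules WHERE type=6 AND id='$id'");
		if (!$rt) {
			adminmsg('module_id_error');
		}
		// Stored configuration; see the unserialize() note in the list branch.
		$config = unserialize($rt['config']);
		// Escape the stored values before the template prints them.
		HtmlConvert($rt);
		HtmlConvert($config);

		$style  = $config['style'];
		$adtype = $rt['varname'];
		// Variable variables: the template looks up names such as $style_code or
		// $method_xxx. The fixed prefixes mean only names starting with them can
		// be created from stored values.
		${'style_'.$config['style']} = 'selected';
		${'method_'.$config['method']}='checked';
		${'order_'.$config['order']} = "selected";

		// Positive entries are forum ids to pre-select in the option list; the
		// others set a $selids_0N flag instead.
		$fids = explode(',',$config['fid']);
		foreach ($fids as $k=>$v) {
			if ($v > 0) {
				$forumcache = str_replace("<option value=\"$v\">","<option value=\"$v\" selected>",$forumcache);
			} else{
				${'selids_0'.abs($v)} = 'selected';
			}
		}
		if ($adtype == 'article') {
			$lou = explode(',',$config['lou']);
			foreach ($lou as $k => $v) {
				$v > 0 ? ${'lou_'.$v} = 'selected' : ${'lou_0'.abs($v)} = 'selected';
			}
			${'pst_'.$config['position']} = 'checked';
		} else {
			$pst_1 = 'checked';
			$lou_01= 'selected';
		}
		include_once PrintHack('admin');exit;

	} elseif ($_POST['step']=='2') {

		// Step 2: validate and update. Fields are read with the 'P' flag here.
		InitGP(array('id','varname','vieworder','title','module','selids','lou'),'P');
		// Cast once; the id is used in the return URL and in the WHERE clause.
		$id = (int)$id;
		$basename = "$amind_file?adminjob=hack&hackset=advert&job=edit&id=$id";
		!$varname && adminmsg('module_adderror');
		// Required fields for each advert style (same rules as the add branch).
		if ($module['style'] == 'code' && !$module['htmlcode']) {
			adminmsg('advert_code_error');
		} elseif ($module['style'] == 'txt' && (!$module['title'] || !$module['link'])) {
			adminmsg('advert_txt_error');
		} elseif ($module['style'] == 'img' && (!$module['url'] || !$module['link'])) {
			adminmsg('advert_img_error');
		} elseif ($module['style'] == 'flash' && !$module['link']) {
			adminmsg('advert_flash_error');
		} elseif ($module['style'] == 'code' && ($varname == 'leftfloat' || $varname == 'rightfloat') && preg_match('/<script[^>]*?>.*?<\/script>/si',$module['htmlcode'])){
			// Float-slot restriction only; htmlcode is not sanitised by this check.
			adminmsg('advert_float_error');
		}
		// Derive a title when none was given; a title is mandatory.
		if (empty($title)) {
			if ($module['style'] == 'code') {
				$title = substrs(strip_tags($module['htmlcode']),30);
			} elseif ($module['style'] == 'txt') {
				$title = $module['title'];
			}
			empty($title) && adminmsg('advert_descrip');
		}

		// Defaults for popup adverts when the fields are left empty.
		if ($varname == 'popup') {
			!$module['height'] && $module['height'] = 100;
			!$module['width'] && $module['width'] = 200;
			!$module['close'] && $module['close'] = 5;
		}
		// Keep only numeric forum ids.
		if (is_array($selids)) {
			$fids = '';
			foreach ($selids as $key=>$val) {
				if (is_numeric($val)) {
					$fids .= $fids ? ','.$val : $val;
				}
			}
			$module['fid'] = $fids;
		} else {
			$module['fid'] = '';
		}
		if ($varname == 'article') {
			// Same numeric filter for 'lou'; guarded because it is not an array
			// when nothing was selected.
			$lous = '';
			if (is_array($lou)) {
				foreach ($lou as $key=>$val) {
					is_numeric($val) && $lous .= $lous ? ','.$val : $val;
				}
			}
			$module['lou'] = $lous;
		}
		$module['descrip'] = str_replace("\n",'<br />',$module['descrip']);
		// Undo the request escaping before serialising, then escape the serialised
		// string once for the SQL literal.
		foreach ($module as $key=>$value) {
			$module[$key] = stripslashes($value);
		}
		$config = addslashes(serialize($module));
		// $varname, $vieworder and $title rely on the escaping applied on input;
		// $id was cast to int above.
		$db->update("UPDATE pw_modules SET varname='$varname',vieworder='$vieworder',title='$title',config='$config' WHERE type='6' AND id='$id'");
		updatecache_c();
		// NOTE(review): '$amind_file' looks like a transposition of 'admin_file';
		// confirm which name the including script defines.
		$basename="$amind_file?adminjob=hack&hackset=advert";
		adminmsg('operate_success');
	}
} elseif ($job=='del') {

	// Bulk actions, read with the 'P' flag. Each id list goes through
	// checkselid() before it is placed unquoted inside IN(...).
	// NOTE(review): this is safe only if checkselid() returns a purely numeric,
	// comma-separated list or a falsy value - confirm against its definition.
	InitGP(array('selid','applyid','allid'),'P');
	if ($selid = checkselid($selid)) {
		$db->update("DELETE FROM pw_modules WHERE type='6' AND id IN($selid)");
	}
	if ($allid = checkselid($allid)) {
		$db->update("UPDATE pw_modules SET state=0 WHERE type='6' AND id IN($allid)");
	}
	if ($applyid = checkselid($applyid)) {
		$db->update("UPDATE pw_modules SET state=1 WHERE type='6' AND id IN($applyid)");
	}
	updatecache_c();
	adminmsg('operate_success');
}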
?>